[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20231102223017.GO1957730@ZenIV>
Date: Thu, 2 Nov 2023 22:30:17 +0000
From: Al Viro <viro@...iv.linux.org.uk>
To: Philipp Stanner <pstanner@...hat.com>
Cc: "David S. Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>,
Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>,
Stanislav Fomichev <sdf@...gle.com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Benjamin Tissoires <benjamin.tissoires@...hat.com>,
linux-ppp@...r.kernel.org, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org, Dave Airlie <airlied@...hat.com>
Subject: Re: [PATCH] drivers/net/ppp: copy userspace array safely
On Thu, Nov 02, 2023 at 11:02:35PM +0100, Philipp Stanner wrote:
> We introduced those wrappers to string.h hoping they will be useful.
> Now that they're merged, I quickly wanted to establish them as the
> standard for copying user-arrays, ideally in the current merge window.
> Because its convenient, easy to read and, at times, safer.
They also save future readers a git grep to find the sizes, etc.
Again, the only suggestion is that regarding the commit message;
_some_ of those might end up fixing real overflows and you obviously
want to see how far do those need to be backported, etc. And "in this
case the overflow doesn't actually happen because <reasons>, but
not having to do such analysis is a good thing" is not a bad explanation
why the primitive in question is useful, IMO. Granted, in cases like
256 * sizeof(u32) that would be pointless, but for the ones that
are less obvious...
> I just didn't see it in ppp. Maybe I should have looked more
> intensively for all 13 patches. But we'll get there, that's what v2 and
> v3 are for :)
In any case you want to check if there are real bugs caught in that.
Powered by blists - more mailing lists